Red Hat Bugzilla – Bug 239828
CVE-2007-2589 CSRF through HTML message in squirrelmail
Last modified: 2016-03-04 06:12:32 EST
<img src="compose.php?..."> was allowed in HTML e-mail mesages.
See URL for whole upstream advisory.
The fix for this issue is the same as for CVE-2007-1262, bug #239647.
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.